$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa File: A6A53FA2D67E11EEAA2CA218C4F9AE02.roa (raw, json) Hash identifier: Pa3ot+5z5ol95lA2w+Jvw6Gsu2PMGQdkC+e3HT9MeD8= Subject key identifier: CA:AB:0F:F1:31:22:17:6B:E5:6A:B6:AC:B7:AF:69:31:1C:D5:54:10 Certificate issuer: /CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248 Certificate serial: 0CED Authority key identifier: B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa Signing time: Sat 30 May 2026 19:22:17 +0000 ROA not before: Sat 30 May 2026 19:22:17 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 38565 IP address blocks: 36.252.0.0/15 maxlen: 23 36.253.19.0/24 maxlen: 24 36.253.24.0/24 maxlen: 24 36.253.26.0/24 maxlen: 24 43.243.96.0/22 maxlen: 24 49.126.0.0/16 maxlen: 20 103.38.196.0/22 maxlen: 24 116.68.208.0/21 maxlen: 24 2400:9500::/32 maxlen: 32 2400:9500:4000::/36 maxlen: 44 2400:9500:6000::/36 maxlen: 44 2400:9500:8000::/36 maxlen: 44 2400:9500:c000::/36 maxlen: 44 2400:9500:e000::/36 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Jun 2026 18:35:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3309 (0xced) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC966, serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248 Validity Not Before: May 30 19:22:17 2026 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6a1b38e9-bd68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:33:05:82:ae:0d:c1:10:f6:2e:77:b1:cd:59: 5b:61:2f:e2:82:c3:6d:96:5a:ea:66:0a:23:e5:db: 74:8d:7f:96:d8:48:ba:9e:1f:47:45:23:12:a4:b1: a0:89:e5:63:3f:e2:31:ae:27:b2:c4:d5:31:51:bb: 2f:89:07:cc:fa:31:64:be:1e:40:59:ed:3d:df:e2: 0f:49:40:a0:68:04:94:1b:f4:38:45:55:57:8a:0c: d8:40:37:6a:f8:b5:de:fc:96:79:5b:3e:9e:ac:4e: b5:9f:54:26:47:62:cb:8e:94:04:39:fd:01:1a:95: 12:f7:1b:cb:f0:96:8a:7b:71:3b:b9:ea:7d:ce:cc: b4:64:8e:fd:44:65:47:bd:c4:98:60:95:7e:88:b7: c5:a9:34:93:6d:9d:1d:ec:21:d7:9f:b3:48:0d:41: c8:d0:49:ad:96:f1:cb:fa:c0:97:31:91:af:8b:84: 02:d6:59:84:1f:3c:19:50:74:dd:54:31:0a:90:fe: e5:bc:68:e1:8b:95:c7:5e:8f:e3:39:b1:1e:04:61: a6:e9:71:14:23:5d:c3:f3:07:10:6d:e9:ff:7a:22: d2:60:7d:a4:98:50:14:6f:e7:0f:79:6b:a8:80:3a: 17:c9:9f:60:d5:da:5b:0f:6f:63:5d:ae:c4:7f:95: 55:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:AB:0F:F1:31:22:17:6B:E5:6A:B6:AC:B7:AF:69:31:1C:D5:54:10 X509v3 Authority Key Identifier: keyid:B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 36.252.0.0/15 43.243.96.0/22 49.126.0.0/16 103.38.196.0/22 116.68.208.0/21 IPv6: 2400:9500::/32 Signature Algorithm: sha256WithRSAEncryption 11:03:1f:1d:43:15:62:db:5e:6d:5e:3b:e8:e2:39:2b:21:64: 0f:64:73:3b:4e:09:40:6d:94:f9:55:e7:82:bf:e5:8e:61:40: db:d4:be:97:69:ca:51:12:4d:7a:c7:4d:29:e3:ab:9a:2b:4c: c3:0e:07:3e:3f:19:44:4d:8b:f7:3c:ed:d4:cd:cc:8b:d5:ea: 11:e9:85:8e:49:13:4f:b0:a9:c6:a5:36:ed:66:40:29:6f:83: a5:d5:6c:56:53:c8:fa:a7:2d:0b:e5:c8:58:e3:43:d8:ba:c6: 23:a1:1d:94:5c:8f:e5:c9:f9:3f:38:f9:e2:aa:10:15:d1:d5: 0c:3e:fa:85:0e:6d:f5:9e:54:06:b0:ee:95:5e:5f:00:50:de: e6:2d:02:77:2d:b0:e4:ad:33:79:1f:74:66:bf:18:fa:a2:85: df:8d:c5:05:97:68:d7:41:e0:a0:20:81:92:ad:ca:a8:44:9e: 09:7f:30:2f:8b:4b:03:81:51:7c:75:52:ef:3b:fd:10:b1:96: 5a:a2:6d:a0:e0:6a:6f:69:bc:f2:17:65:fd:14:33:27:b8:f9: 7f:f5:46:98:04:d5:4d:55:01:51:84:84:b1:56:a0:65:f4:a4: 83:cc:ff:d1:a6:7d:50:cb:eb:53:90:b8:2d:9f:d4:9d:56:5b: b9:90:1a:06 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgICDO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkM5NjYxMTAvBgNVBAUTKEIyQTI1RERFMUE5RUM5MUI1OTk4NkE1MzJGNzg4MzU0 MzYxODMyNDgwHhcNMjYwNTMwMTkyMjE3WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02YTFiMzhlOS1iZDY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoTMFgq4NwRD2LnexzVlbYS/igsNtllrqZgoj5dt0jX+W2Ei6nh9HRSMSpLGg ieVjP+IxrieyxNUxUbsviQfM+jFkvh5AWe093+IPSUCgaASUG/Q4RVVXigzYQDdq +LXe/JZ5Wz6erE61n1QmR2LLjpQEOf0BGpUS9xvL8JaKe3E7uep9zsy0ZI79RGVH vcSYYJV+iLfFqTSTbZ0d7CHXn7NIDUHI0EmtlvHL+sCXMZGvi4QC1lmEHzwZUHTd VDEKkP7lvGjhi5XHXo/jObEeBGGm6XEUI13D8wcQben/eiLSYH2kmFAUb+cPeWuo gDoXyZ9g1dpbD29jXa7Ef5VV0wIDAQABo4IChTCCAoEwHQYDVR0OBBYEFMqrD/Ex Ihdr5Wq2rLevaTEc1VQQMB8GA1UdIwQYMBaAFLKiXd4anskbWZhqUy94g1Q2GDJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzk2Ni9BMTk1MkJBMjFD MTExMUVBQjZDM0M3NkRDNEY5QUUwMi9zcUpkM2hxZXlSdFptR3BUTDNpRFZEWVlN a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NxSmQzaHFleVJ0Wm1HcFRMM2lEVkRZWU1rZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkM5NjYvQTE5NTJCQTIxQzExMTFFQUI2QzNDNzZEQzRGOUFFMDIvQTZBNTNGQTJE NjdFMTFFRUFBMkNBMjE4QzRGOUFFMDIucm9hMEQGCCsGAQUFBwEHAQH/BDUwMzAi BAIAATAcAwMBJPwDBAIr82ADAwAxfgMEAmcmxAMEA3RE0DANBAIAAjAHAwUAJACV ADANBgkqhkiG9w0BAQsFAAOCAQEAEQMfHUMVYttebV476OI5KyFkD2RzO04JQG2U +VXngr/ljmFA29S+l2nKURJNesdNKeOrmitMww4HPj8ZRE2L9zzt1M3Mi9XqEemF jkkTT7CpxqU27WZAKW+DpdVsVlPI+qctC+XIWOND2LrGI6EdlFyP5cn5Pzj54qoQ FdHVDD76hQ5t9Z5UBrDulV5fAFDe5i0Cdy2w5K0zeR90Zr8Y+qKF343FBZdo10Hg oCCBkq3KqESeCX8wL4tLA4FRfHVS7zv9ELGWWqJtoOBqb2m88hdl/RQzJ7j5f/VG mATVTVUBUYSEsVagZfSkg8z/0aZ9UMvrU5C4LZ/UnVZbuZAaBg== -----END CERTIFICATE-----Generated at Sat Jun 13 10:07:34 2026 by rpki-client